From: Rick Macklem
To: Luoqi Chen, Martin Simmons
CC: freebsd-fs
Subject: Re: Linux could write to read only files on FreeBSD NFS server
Date: Mon, 2 Mar 2020 00:19:32 +0000

Luoqi Chen wrote:
>On Fri, Feb 28, 2020 at 3:13 AM Martin Simmons wrote:
>>>>>> On Thu, 27 Feb 2020 14:58:55 -0800, Luoqi Chen said:
>>
>> One more piece of information that might help: this behavior started
>> somewhere between centos 5 and 6, kernel 2.6.18 and 2.6.32, i.e., the same
>> script would fail on 2.6.18. Timing wise I believe it coincided with the
>> introduction of nfsv4.
>
>Have you tried mounting it with nfsv3 recently? I can't repeat it with that
>version (I don't run nfsv4 at all).
>
>Looks like I'm getting senile... The script works correctly with nfsv3 mounts. This is
>a nfsv4 specific problem.
Ok, I've re-read the Open section of the NFSv4 RFCs. They all have similar wording.
I can see how it can be interpreted multiple ways. Here's the RFC 5661 snippet:

   Based on the share_access value (OPEN4_SHARE_ACCESS_READ,
   OPEN4_SHARE_ACCESS_WRITE, or OPEN4_SHARE_ACCESS_BOTH), the client
   should check that the requester has the proper access rights to
   perform the specified operation. This would generally be the results
   of applying the ACL access rules to the file for the current
   requester. However, just as with the ACCESS operation, the client
   should not attempt to second-guess the server's decisions, as access
   rights may change and may be subject to server administrative
   controls outside the ACL framework. If the requester's READ or WRITE
   operation is not authorized (depending on the share_access value),
   the server MUST return NFS4ERR_ACCESS.

Now, I had interpreted the last sentence meaning "apply the same check
as Read/Write does". Since the owner of the file is always allowed to Read/Write
(as explained in a previous post), that is what the FreeBSD NFSv4 server does.
However, I can see that it could be interpreted as "return NFS4ERR_ACCESS if
the file modes/ACL would result in an EACCES error".
--> As such, although it could result in an inconsistency between NFSv3 and
    NFSv4, I could see the Linux client depending on that instead of using
    the replied information for the Access operation to decide if a POSIX
    Open should be allowed.

Anyhow, I've attached a trivial patch that changes the NFSv4 Open semantics
to conform to what the mode/ACL indicates.
I am not sure that this patch should be applicable to head, but if it makes the
Linux client happy, I can see it being optionally enabled via a sysctl.

Please let me know if you can test the patch and determine if the Linux NFSv4
mount works with the patched FreeBSD server.

rick

[Attachment: ownerover.patch]
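
Added example (not part of the original message and not FreeBSD source code): a small C model of the two readings of the RFC 5661 Open text discussed above, one with the owner override the message describes and one that lets the mode bits decide. The struct, enum and function names are hypothetical and the file/credential values are constructed; only the NFS4_OK, NFS4ERR_ACCESS and OPEN4_SHARE_ACCESS_* values come from the RFC.

```c
#include <stdio.h>
#include <sys/types.h>

/* Values from RFC 5661. */
#define NFS4_OK                  0
#define NFS4ERR_ACCESS           13
#define OPEN4_SHARE_ACCESS_READ  1u
#define OPEN4_SHARE_ACCESS_WRITE 2u

/* Hypothetical names: which reading of the Open text the server applies. */
enum open_policy { OWNER_OVERRIDE, STRICT_MODE };

/* Simplified model: no root, no supplementary groups, no ACLs. */
struct file_attr { uid_t uid; gid_t gid; mode_t mode; };
struct cred      { uid_t uid; gid_t gid; };

/* Pick the rwx triplet (owner, group or other) that applies to the requester. */
static unsigned mode_bits_for(const struct file_attr *f, const struct cred *c)
{
    if (c->uid == f->uid) return (f->mode >> 6) & 7;
    if (c->gid == f->gid) return (f->mode >> 3) & 7;
    return f->mode & 7;
}

/* Model of the access check made at Open time for a share_access value. */
int open_access_check(const struct file_attr *f, const struct cred *c,
                      unsigned share_access, enum open_policy policy)
{
    unsigned want = 0, have = mode_bits_for(f, c);

    if (share_access & OPEN4_SHARE_ACCESS_READ)  want |= 4;  /* r */
    if (share_access & OPEN4_SHARE_ACCESS_WRITE) want |= 2;  /* w */

    /* "Same check as Read/Write": the file's owner is always allowed. */
    if (policy == OWNER_OVERRIDE && c->uid == f->uid)
        return NFS4_OK;
    /* Otherwise the mode decides, as a local open() failing with EACCES. */
    return ((have & want) == want) ? NFS4_OK : NFS4ERR_ACCESS;
}

int main(void)
{
    struct file_attr ro = { 1001, 1001, 0444 };  /* constructed read-only file */
    struct cred owner = { 1001, 1001 };          /* constructed requester */

    printf("override: %d\n", open_access_check(&ro, &owner, 2u, OWNER_OVERRIDE));
    printf("strict:   %d\n", open_access_check(&ro, &owner, 2u, STRICT_MODE));
    return 0;
}
```

With the owner override, a write Open by the owner of a mode 0444 file succeeds; with the strict reading it returns NFS4ERR_ACCESS, which matches what a local POSIX open for writing would do.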